Jump to content


Malware Hunters
  • Content Count

  • Joined

  • Last visited


About alvarnell

  • Rank
    Macintosh Guru

Profile Information

  • Location
    Mountain View, CA, USA
  • Interests
    Honorary Member
    Macintosh computing, Mac malware analysis and prevention.

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Not sure why you are posting that here. I'll ask for it to be moved to the Android forum. @AdvancedSetup
  2. The location indicated by the Finder is correct and I'm certain that @treed is aware. But having them there should not have anything to do with whatever is causing them to show up as requiring full disk access. There must be some other reason for them to be appearing there for a few and not others.
  3. Sorry I wasn't clear. It's not absolutely safe to assume that something downloaded from Malwarebytes site is "fine," as the two examples I gave indicate. Both those apps were downloaded from developer sites that were hacked.
  4. There have been a couple of examples where a site has been hacked and a legitimate application has been replaced by Ransomware (Transmission & OnyX). That's unlikely to happen here, but there is always that possibility, so the OP is somewhat safer to conduct such a verification.
  5. As long as the application verifies, there is little point in verifying the installer now. If for some reason it was a fake installer with a legit application along with some malware and you already installed it, the damage would have been done (however there is no evidence of there ever having been such a malicious Malwarebytes for Mac installer). Malwarebytes would likely find any such malicious extra payload anyway. As long as the developer ID matches you can ignore the rest. App notarization is a recent enhancement by Apple indicating that the developer ask for it and Apple check the app out and issued that notarization back to the developer before they released it here. So it's actually safer than an app that doesn't have that.
  6. First, welcome to the Forum. As to your first question, see https://support.malwarebytes.com/hc/en-us/articles/360038524514-Verify-Malwarebytes-for-Mac-v3-hasn-t-been-tampered. Although it was written for v3 the same applies for v4. Malwarebytes scans for all types of currently known active malware that impacts macOS and it's applications, which includes computer viruses, worms, Trojan horses, ransomware, spyware (key loggers, etc.), adware, rogue software, and scareware. It will also identify Possibly Unwanted Programs (PUPs).
  7. Perhaps it depends on what version of macOS you are running, whether only one or all three show up?
  8. All three need are legitimate components of the current 4.5 version and should have full disk access enabled for full functionality. I'm not seeing any performance hits in doing so.
  9. All .info sites are initially blocked due to a high incidence of malicious intent there, so each one must be individually cleared.
  10. My guess is that the problem is with Comodo Valkyrie Verdict here: https://www.virustotal.com/gui/url/cdea4a42d25847b0405f434ce003c336cff56291103a645a0160f14cd75faefc/detection You may need to get it cleared up with them before it can be cleared here. And I doubt that the staff will be able to help you before late Monday your time when they come back to work.
  11. Not unless that's a brand new capability as it has never analyzed processes. "Malware protection" has only scanned newly added files in critical locations.
  12. Let me start by asking why you have the Malwarebytes app open? It is only needed for changing settings, running a manual scan and observing results.There is no reason to have it open at other times since scheduled scans and Real Time protection will take place in the background without the need for the app itself. Sorry, I'm completely unfamiliar with Sidenote, so I can't address questions regarding what you have observed. I suspect we would all be interested in learning whether you still seeing focus changes while using it with the Malwarebytes app closed.
  13. Sorry, but only the staff can help with this and they'll be back from the weekend in a few hours. The instructions for the forum ask for a VirusTotal analysis, so I've done that for you: https://www.virustotal.com/gui/url/681ef5121a67b7c4ab8ba8f7f41b1c5fd39d615e124e4978f46c3a4722883f3c/detection. All clean.
  14. Malware imbedded imagery impacting macOS is very rare, in fact I'm not even certain there have been any threats discovered in-the-wild, just proof of concept example(s). If the staff is aware of any such infections, I'm sure they will chime in here.
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.